BUG: soft lockup in sys

Kernel	Title	Repro	Cause bisect	Fix bisect	Count	Last	Reported	Patched	Status
android-5-15	BUG: soft lockup in sys_getsockopt				2	18h04m	3d05h	0/2	premoderation: reported on 2024/04/23 07:54
watchdog: BUG: soft lockup - CPU#0 stuck for 123s! [syz-executor.5:10587]
Modules linked in:
irq event stamp: 10520506
hardirqs last  enabled at (10520505): [<ffffffff81006a23>] trace_hardirqs_on_thunk+0x1a/0x1c arch/x86/entry/thunk_64.S:41
hardirqs last disabled at (10520506): [<ffffffff81006a3f>] trace_hardirqs_off_thunk+0x1a/0x1c arch/x86/entry/thunk_64.S:42
softirqs last  enabled at (10520504): [<ffffffff882006cd>] __do_softirq+0x6cd/0x98c kernel/softirq.c:319
softirqs last disabled at (10520497): [<ffffffff81473e6b>] invoke_softirq kernel/softirq.c:373 [inline]
softirqs last disabled at (10520497): [<ffffffff81473e6b>] irq_exit+0x19b/0x1e0 kernel/softirq.c:413
CPU: 0 PID: 10587 Comm: syz-executor.5 Not tainted 5.5.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
RIP: 0010:csd_lock_wait kernel/smp.c:109 [inline]
RIP: 0010:smp_call_function_single+0x18d/0x480 kernel/smp.c:311
Code: 00 48 8b 4c 24 08 48 8b 54 24 10 48 8d 74 24 40 8b 7c 24 1c e8 c4 f9 ff ff 41 89 c5 eb 07 e8 aa 22 0b 00 f3 90 44 8b 64 24 58 <31> ff 41 83 e4 01 44 89 e6 e8 15 24 0b 00 45 85 e4 75 e1 e8 8b 22
RSP: 0018:ffffc900064e7740 EFLAGS: 00000293 ORIG_RAX: ffffffffffffff13
RAX: ffff88804f14a600 RBX: 1ffff92000c9ceec RCX: ffffffff816a12ab
RDX: 0000000000000000 RSI: ffffffff816a1296 RDI: 0000000000000005
RBP: ffffc900064e7818 R08: ffff88804f14a600 R09: ffffed1015d27099
R10: ffffed1015d27098 R11: ffff8880ae9384c7 R12: 0000000000000003
R13: 0000000000000000 R14: 0000000000000001 R15: 0000000000000000
FS:  0000000002007940(0000) GS:ffff8880ae800000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fb7fffee518 CR3: 000000004f0b3000 CR4: 00000000001426f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 smp_call_function_many_cond+0x1af/0x9b0 kernel/smp.c:439
 smp_call_function_many kernel/smp.c:498 [inline]
 smp_call_function+0x45/0x90 kernel/smp.c:520
 on_each_cpu+0x2f/0x1f0 kernel/smp.c:627
 flush_tlb_kernel_range+0x19b/0x250 arch/x86/mm/tlb.c:839
 kasan_release_vmalloc+0xb4/0xc0 mm/kasan/common.c:990
 __purge_vmap_area_lazy+0xca5/0x1ef0 mm/vmalloc.c:1329
 try_purge_vmap_area_lazy mm/vmalloc.c:1348 [inline]
 free_vmap_area_noflush+0x2c8/0x390 mm/vmalloc.c:1384
 free_unmap_vmap_area mm/vmalloc.c:1397 [inline]
 remove_vm_area+0x1cf/0x230 mm/vmalloc.c:2217
 vm_remove_mappings mm/vmalloc.c:2244 [inline]
 __vunmap+0x239/0x950 mm/vmalloc.c:2306
 __vfree+0x41/0xd0 mm/vmalloc.c:2363
 vfree+0x5f/0x90 mm/vmalloc.c:2393
 copy_entries_to_user net/ipv6/netfilter/ip6_tables.c:883 [inline]
 get_entries net/ipv6/netfilter/ip6_tables.c:1041 [inline]
 do_ip6t_get_ctl+0x750/0x960 net/ipv6/netfilter/ip6_tables.c:1709
 nf_sockopt net/netfilter/nf_sockopt.c:104 [inline]
 nf_getsockopt+0x7a/0xd0 net/netfilter/nf_sockopt.c:122
 ipv6_getsockopt net/ipv6/ipv6_sockglue.c:1400 [inline]
 ipv6_getsockopt+0x20e/0x290 net/ipv6/ipv6_sockglue.c:1380
 tcp_getsockopt net/ipv4/tcp.c:3693 [inline]
 tcp_getsockopt+0x8f/0xe0 net/ipv4/tcp.c:3687
 sock_common_getsockopt+0x94/0xd0 net/core/sock.c:3108
 __sys_getsockopt+0x16d/0x310 net/socket.c:2175
 __do_sys_getsockopt net/socket.c:2190 [inline]
 __se_sys_getsockopt net/socket.c:2187 [inline]
 __x64_sys_getsockopt+0xbe/0x150 net/socket.c:2187
 do_syscall_64+0xfa/0x790 arch/x86/entry/common.c:294
 entry_SYSCALL_64_after_hwframe+0x49/0xbe
RIP: 0033:0x45deaa
Code: b8 34 01 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 8d 8b fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 37 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 6a 8b fb ff c3 66 0f 1f 84 00 00 00 00 00
RSP: 002b:0000000000a6f618 EFLAGS: 00000212 ORIG_RAX: 0000000000000037
RAX: ffffffffffffffda RBX: 0000000000a6f640 RCX: 000000000045deaa
RDX: 0000000000000041 RSI: 0000000000000029 RDI: 0000000000000003
RBP: 000000000071bcc0 R08: 0000000000a6f63c R09: 0000000000004000
R10: 0000000000a6f740 R11: 0000000000000212 R12: 0000000000000003
R13: 0000000000000000 R14: 0000000000000029 R15: 0000000000719b00
Sending NMI from CPU 0 to CPUs 1:
NMI backtrace for cpu 1
CPU: 1 PID: 8439 Comm: kworker/1:3 Not tainted 5.5.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: rcu_gp process_srcu
RIP: 0010:lockdep_hardirqs_on+0x22/0x5e0 kernel/locking/lockdep.c:3398
Code: 0f 1f 84 00 00 00 00 00 48 c7 c0 b4 eb a4 8a 55 48 ba 00 00 00 00 00 fc ff df 48 89 c1 48 89 e5 41 54 83 e0 07 48 c1 e9 03 53 <83> c0 03 49 89 fc 0f b6 14 11 38 d0 7c 08 84 d2 0f 85 5b 04 00 00
RSP: 0018:ffffc90018917cb8 EFLAGS: 00000803
RAX: 0000000000000004 RBX: 0000000000000000 RCX: 1ffffffff1549d76
RDX: dffffc0000000000 RSI: ffffffff817acafe RDI: ffffffff87ebd793
RBP: ffffc90018917cc8 R08: ffff88809f5cc440 R09: ffffed1015d26da9
R10: ffffed1015d26da8 R11: ffff8880ae936d43 R12: ffff8880ae936d40
R13: ffffffff814cfc13 R14: ffffffff87ebd793 R15: ffff88809551d700
FS:  0000000000000000(0000) GS:ffff8880ae900000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007fb800638000 CR3: 00000000a3081000 CR4: 00000000001426e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
 trace_hardirqs_on+0x67/0x240 kernel/trace/trace_preemptirq.c:31
 __raw_spin_unlock_irq include/linux/spinlock_api_smp.h:168 [inline]
 _raw_spin_unlock_irq+0x23/0x80 kernel/locking/spinlock.c:199
 spin_unlock_irq include/linux/spinlock.h:388 [inline]
 process_one_work+0x8f3/0x17a0 kernel/workqueue.c:2237
 worker_thread+0x98/0xe40 kernel/workqueue.c:2410
 kthread+0x361/0x430 kernel/kthread.c:255
 ret_from_fork+0x24/0x30 arch/x86/entry/entry_64.S:352